Archive for December, 2007

IRS to encrypt all laptops after scare

December 31st, 2007

Audit unearthed disaster-in-the-making.

“What the report showed, which was correct, was that we weren’t taking the proper steps to protect some laptops,” Everson said. “We’ve worked to encrypt all of the laptops and that’s just about done. We’ve got a couple dozen more we’ve got to finish up in the next few weeks.”

Auditors tested 100 laptop computers used by IRS employees and found that 44 of them contained “unencrypted sensitive data, including taxpayer data and employee personnel data.”

The audit was conducted by the Treasury Inspector General for Tax Administration. It also determined that nearly 500 IRS laptops went missing between Jan. 2, 2003 and June 13, 2006.

Computer security Systems, Encryption

Virtualisation security risks being ignored

December 31st, 2007

Gartner blows a gasket on hyped technology.

Companies rushing to deploy virtualisation technologies could wind up overlooking many security issues and exposing themselves to risk, Gartner has warned.

Virtualisation software offers the ability to run multiple operating systems, or multiple sessions of a single operating system, on a single physical machine, whether server or desktop. But virtualisation software, such as a hypervisor, presents a layer that will be attacked, and security strategies need to be put in place in advance, Gartner warns.

“Many organisations mistakenly assume that their approach for securing virtual machines will be the same as securing any OS and thus plan to apply their existing configuration guidelines, standards and tools,” MacDonald said. While this is a start, a closer look at securing virtual machines is required, especially since needed tools may be “immature or non-existent,” according to Gartner.

Gartner analysts said the process of securing VMs must start before the VMs are deployed, and ideally, before vendors and products are selected, so that security and securability can be factored into the evaluation and selection process. During this process, organizations must consider these security issues in virtualized environments:

  • Virtualization software, such as a hypervisor, represents a new layer of privileged software that will be attacked and must be protected.
  • The loss of separation of duties for administrative tasks, which can lead to a breakdown of defense in depth.
  • Patching, signature updates, and protection from tampering for offline VM and VM “appliance” images.
  • Patching and secure configuration management of VM appliances where the underlying OS and configuration are not accessible.
  • Limited visibility into the host OS and virtual network to find vulnerabilities and assess correct configuration.
  • Restricted view into inter-VM traffic for inspection by intrusion prevention systems (IPSs).
  • Mobile VMs will require security policy and settings to migrate with them.
  • Immature and incomplete security and management tools.

Operating systems security

Microsoft denies Office flaw reports

December 31st, 2007

Security vendor Sophos reported last Thursday that Microsoft’s Vista is vulnerable to at least three pieces of widespread malware, two of which date back to 2004. At least three well-known internet worms — labelled Stratio-Zip, Netsky-D and MyDoom-O by Sophos — are able to execute on the operating system, according to Sophos.

However, because these attacks rely on user interaction to execute the code, Microsoft has denied this is a flaw. Microsoft said that these attacks rely on social-engineering techniques to be successful.

“Microsoft is aware of a report by Sophos that claims variants of existing malware may affect users running Windows Vista,” the software giant said in a statement. “Based on our initial investigation, Microsoft can confirm that these variants do not take advantage of a security vulnerability, rather they rely on social engineering to infect a user’s system.”

Social engineering relies on tricking users into executing malicious code themselves — a user has to open an infected attachment on an e-mail for these worms to infect the system. Windows Mail Client — the Vista replacement to Outlook — will block the worms, but businesses running third-party e-mail clients such as Lotus Notes, or webmail such as Yahoo or GoogleMail, could be vulnerable to social-engineering attacks.

Microsoft stopped short of blaming third-party e-mail clients for the problem, but said that User Account Control (UAC) — which limits users’ ability to install applications unless they have administrator privileges — can “help to provide better protections”. IT managers can run Vista end-user accounts with limited “standard user” privileges, rather than administrator privileges. Users are also given security prompts when attempting to run executable code.

“In those cases where other e-mail clients may not have made the same aggressive security design decisions as Microsoft did with Windows Mail Client, other protections such as UAC can apply still to help provide better protections against email-based social-engineering attacks,” Microsoft’s statement said.

Computer security Systems, Microsoft security

iPods can be hit by virus

December 31st, 2007

Hackers and virus creators have finally infected the Apple iPod – albeit very marginally since it affects only iPods with the Linux operating system (about 0.01% of all iPods).

Kaspersky Lab calls it the ‘Podloso’ while security major F-Secure has named the virus ‘Oslo.zip’. According to a report by Kaspersky Lab, the user has to save the virus to the iPod memory for the device to become infected.

iPod Linux is a µCLinux-based software distribution targeted specifically to run on Apple iPods, and it enables users to run a variety of third-party software such as games. With 70 million units the world over, the iPod is the most used music gadget. This virus, however, does not infect iPods that run the default iPod operating system.

Computer security Systems

Watchguard ups performance with new firmware

December 31st, 2007

Refreshed hardware, refreshed company.

Watchguard has overhauled its Firebox Core and Peak e-series UTM (unified threat management) appliances, doubling firewall throughput among a number of other improvements.

Unified threat management (UTM) specialist Watchguard has upgraded the security features of its FireBox X e-Series appliances with the second significant firmware refresh in six months.

Fireware Version 9.1 adds spam quarantining, POP3 e-mail proxying, inbound server load balancing, and enhanced antivirus scanning to an already extensive list of capabilities, as befits the do-it-all UTM security model espoused by the company.

More at Networkworld

Browsers security

SurfControl falls to US rival

December 29th, 2007

Job cuts expected after Websense bid.

Websense has made a $400m offer to buy UK security vendor SurfControl, and said there will be job cuts when the deal closes.

Read more at ivanr

Computer security Systems

ActiveX gets its own month of bugs

December 29th, 2007

Symantec has confirmed flaws in its most popular consumer security software that could give attackers the means to hijack the Windows PCs that the programs are supposed to protect.

The vulnerabilities are in an ActiveX control that ships with several products, including Norton AntiVirus, Norton Internet Security, Norton SystemWorks and Norton 360.

Ironically, Symantec analysts have both cited the popularity of ActiveX bugs and urged caution when using the controls in comments about other companies’ product flaws.

According to alerts released Wednesday by VeriSign Inc.’s iDefense, the ActiveX control “SymAData.dll” sports two vulnerabilities that could be used “to execute arbitrary code with the privileges of the currently logged in user” by attackers able to entice victims to malicious Web sites.

Windows security

Beta software

December 26th, 2007

Before a commercial software program is released to the public, it usually goes through a “beta” phase. During this stage, the software is tested for bugs, crashes, errors, inconsistencies, and any other problems. Though beta versions of software used to be made available only to developers, they are now sometimes made available for the general public to test, usually through the software company’s Web site. However, because beta software is free, the programs usually expire after a period of time. If you choose to test a beta software program, don’t be surprised if it has multiple problems and causes your computer to repeatedly crash. After all, it is the beta version. You can tell if a program is still in beta by checking the program’s properties. If there is a “b” in the version number (e.g. Version: 1.2 b3), that means it’s a beta version.

A test for a computer product prior to commercial release. Beta testing is the last stage of testing, and normally involves sending the product to beta test sites outside the company for real-world exposure or offering the product for a free trial download over the Internet. Beta testing is often preceded by a round of testing called alpha testing.

B, Glossary of computer security

Bespoke

December 26th, 2007

The term “bespoke” comes from England where it originally referred to custom or tailor-made clothing. In recent years, however, the term has been applied to information technology (IT), and refers to custom services or products.

For example, bespoke software is software customized for a specific purpose. Bespoke programs may include custom accounting software for a certain company or a network monitoring tool for a specific network. Because bespoke software is custom-made for a specific purpose, bespoke programs are also considered vertical market software.

Another area where bespoke is used in the computer industry is in reference to websites. A bespoke website is one that is custom-built, often from scratch, to suit the needs of a business or organization. This may include a custom layout, custom database integration, and other extra features the client may require. Because bespoke websites must be individually tailored to a client’s needs, they often take longer to develop and are more expensive than websites built from templates.

Finally, bespoke can also be used to refer to hardware. Computer companies, such as Dell, HP, and Apple may provide customers with custom options for the systems they buy. For example, one person may choose to build his system with a high-end graphics card for video production, while another person may choose a basic graphics card, but may add additional RAM so her computer will be able to run several programs at once. These custom configurations are sometimes referred to as bespoke systems.

B, Glossary of computer security

BCC

December 26th, 2007

Stands for “Blind Carbon Copy.” When you send an e-mail to only one person, you type the recipient’s address in the “To:” field. When you send a message to more than one person, you have the option to enter addresses in the “Cc:” and “Bcc:” fields. “Cc” stands for “Carbon Copy,” while “Bcc” stands for “Blind Carbon Copy.”

A carbon copy, or “Cc’d” message is an e-mail that is copied to one or more recipients. Both the main recipient (whose address is in the “To:” field) and the Cc’d recipients can see all the addresses the message was sent to. When a message is blind carbon copied, neither the main recipient nor the Bcc’d recipients can see the addresses in the “Bcc:” field.

Blind carbon copying is a useful way to let others see an e-mail you sent without the main recipient knowing. It is faster than sending the original message and then forwarding the sent message to the other recipients. It is also good netiquette to use Bcc when copying a message to many people. This prevents the e-mail addresses from being captured by someone in the list who might use them for spamming purposes. However, if it is important that each recipient knows who your message was sent to, use carbon copy (Cc) instead.

B, Glossary of computer security

Baud

December 26th, 2007

Contrary to popular belief, baud is not a direct measurement of data transfer speed, but instead it measures how many electrical signals are sent per second. Baud is used to measure the rate of electrical signals, or “signaling elements,” for modems, networks, serial cables, and other data transfer mediums.

Some people think that baud and bits per second are equal. For example, they’ll say a 28,800 bps modem transmits at 28,800 baud, and act like they know everything. But the fact is, most modems transmit multiple bits of data per baud, so while the two values are related, they are typically not equal. So the next time your friend says his 56K v.90 modem can transfer data at 56,000 baud, you can kindly tell him that he is incorrect and explain to him the difference between baud and bps.

At slow speeds, only one bit of information (signaling element) is encoded in each electrical change. The baud, therefore, indicates the number of bits per second that are transmitted. For example, 300 baud means that 300 bits are transmitted each second (abbreviated 300 bps). Assuming asynchronous communication, which requires 10 bits per character, this translates to 30 characters per second (cps). For slow rates (below 1,200 baud), you can divide the baud by 10 to see how many characters per second are sent.

B, Glossary of computer security

Batch process

December 26th, 2007

As most computer users know, some computing tasks can be tedious and repetitive. Fortunately, if a task is indeed repetitive, a batch process can be used to automate much of the work.

A batch process performs a list of commands in sequence. It may be run by a computer’s operating system using a script or batch file, or may be executed within a program using a macro or internal scripting tool. For example, an accountant may create a script to open several financial programs at once, saving him the hassle of opening each program individually. This type of batch process would be executed by the operating system, such as Windows or the Mac OS. A Photoshop user, on the other hand, might use a batch process to modify several images at one time. For example, she might record an action within Photoshop that resizes and crops an image. Once the action has been recorded, she can batch process a folder of images, which will perform the action on all the images in the folder.

Batch processing can save time and energy by automating repetitive tasks. While it may take a while to write the script or record the repetitive actions, doing it once is certainly better than having to do it many times.

B, Glossary of computer security